Zero Trust
Overview
Zero Trust is based on the principle of “never trust, always verify”.
This reflects the changing face of modern work as people, businesses and systems are connected in myriad ways.
Mobile workforces and remote working, hybrid cloud and multi-cloud solutions and the rising interconnectedness of business and people has rendered the security of perimeters nearly redundant due to the complexity and size of the attack surface.
By virtue of this, network perimeters, devices, services and people are not trusted, and mutual authentication is advocated.
- Assume the network has been compromised
- Authentication should happen per request
- Authentication should be mutual
Assume breach and verify each request as though it originated from an uncontrolled network.